Hello
I am trying to force the admin pages, and most importantly the admin login page, to use https even if the request comes in as http. I have set the following in my configuration:
define(‘ADMIN_PROTOCOL’,‘https’);
but it doesn’t seem to have any effect. If I visit http://mysite.org/lists/admin the connection does not switch over to https. I should point out that I have the SSL certificate all set up and working properly on the site. If I explicitly visit https://mysite.org/lists/admin it works fine, but I don’t want to rely on expecting the user to remember to type the S in the URL.
I figured out another way to accomplish this, which involves editing the .htaccess file for the /admin directory, but this is less than ideal since those changes will get erased with an upgrade to phpList in the future.
Any thoughts/suggestions are most appreciated.
Thanks!